Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(460)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/bindings/core/v8/custom/V8WindowCustom.cpp

Issue 2439013002: Implement cross-origin attributes using access check interceptors. (Closed)
Patch Set: Clean up named enumerator interceptor. Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« third_party/WebKit/Source/bindings/core/v8/V8CrossOriginSetterInfo.h ('K') | « third_party/WebKit/Source/bindings/core/v8/V8Initializer.cpp ('k') | third_party/WebKit/Source/bindings/scripts/v8_attributes.py » ('j') | third_party/WebKit/Source/bindings/scripts/v8_attributes.py » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/bindings/core/v8/custom/V8WindowCustom.cpp
diff --git a/third_party/WebKit/Source/bindings/core/v8/custom/V8WindowCustom.cpp b/third_party/WebKit/Source/bindings/core/v8/custom/V8WindowCustom.cpp
index 70f3293c83182cacd79ceca9f8c3eca49c390726..b7b71ff3bda690d3ff8d5ab226ff96ecc20daa0b 100644
--- a/third_party/WebKit/Source/bindings/core/v8/custom/V8WindowCustom.cpp
+++ b/third_party/WebKit/Source/bindings/core/v8/custom/V8WindowCustom.cpp
@@ -142,6 +142,8 @@ void V8Window::openerAttributeSetterCustom(
const v8::PropertyCallbackInfo<void>& info) {
v8::Isolate* isolate = info.GetIsolate();
DOMWindow* impl = V8Window::toImpl(info.Holder());
+ // TODO(dcheng): Investigate removing this, since opener is not really a
+ // cross-origin property (so it shouldn't be accessible to begin with)
ExceptionState exceptionState(ExceptionState::SetterContext, "opener",
"Window", info.Holder(), isolate);
if (!BindingSecurity::shouldAllowAccessTo(currentDOMWindow(info.GetIsolate()),
@@ -289,23 +291,20 @@ void V8Window::namedPropertyGetterCustom(
return;
}
- // If the frame is remote, the caller will never be able to access further
+ // This is a cross-origin interceptor. Check that the caller has access to the
// named results.
- if (!frame->isLocalFrame())
+ if (!BindingSecurity::shouldAllowAccessTo(
+ currentDOMWindow(info.GetIsolate()), window,
+ BindingSecurity::ErrorReportOption::DoNotReport)) {
+ BindingSecurity::failedAccessCheckFor(info.GetIsolate(), frame);
return;
+ }
// Search named items in the document.
Document* doc = toLocalFrame(frame)->document();
haraken 2016/12/08 08:21:02 What happens if the frame is a remote frame? Does
dcheng 2016/12/08 09:04:10 Yes, BindingSecurity will always return false in t
if (!doc || !doc->isHTMLDocument())
return;
- // This is an AllCanRead interceptor. Check that the caller has access to the
- // named results.
- if (!BindingSecurity::shouldAllowAccessTo(
- currentDOMWindow(info.GetIsolate()), window,
- BindingSecurity::ErrorReportOption::DoNotReport))
- return;
-
bool hasNamedItem = toHTMLDocument(doc)->hasNamedItem(name);
bool hasIdItem = doc->hasElementWithId(name);
« third_party/WebKit/Source/bindings/core/v8/V8CrossOriginSetterInfo.h ('K') | « third_party/WebKit/Source/bindings/core/v8/V8Initializer.cpp ('k') | third_party/WebKit/Source/bindings/scripts/v8_attributes.py » ('j') | third_party/WebKit/Source/bindings/scripts/v8_attributes.py » ('J')

Powered by Google App Engine
This is Rietveld 408576698